Enabling Secure and Efficient Video Delivery Through Encrypted In-Network Caching
In-network content caching has been a natural trend in emerging network architectures to handle the exponential growth of video traffic. However, due to the potentially wide attacking surfaces, caching video content in the increasingly untrusted networked environment inevitably raises new concerns o...
Saved in:
Published in | IEEE journal on selected areas in communications Vol. 34; no. 8; pp. 2077 - 2090 |
---|---|
Main Authors | , , , , , , , |
Format | Journal Article |
Language | English |
Published |
New York
IEEE
01.08.2016
The Institute of Electrical and Electronics Engineers, Inc. (IEEE) |
Subjects | |
Online Access | Get full text |
Cover
Loading…
Abstract | In-network content caching has been a natural trend in emerging network architectures to handle the exponential growth of video traffic. However, due to the potentially wide attacking surfaces, caching video content in the increasingly untrusted networked environment inevitably raises new concerns on user privacy exposure and unauthorized video access. Existing encrypted protocols like HTTPs either fall short of fully leveraging in-network caching or require decrypting the traffic in the middle without guaranteeing the end-to-end security. In this paper, we present a new networked system for efficient encrypted video delivery while preserving the benefits of in-network caching. As video chunks are encrypted before distribution, we first design a compact, efficient, yet encrypted video fingerprint index to empower the network with a fully controlled capability of locating the cached encrypted chunks for given encrypted requests. We then explain how to deploy the encrypted design in our proposed architecture and present a secure redundancy elimination protocol to enable fast video delivery via leveraging cached encrypted chunks. We further discuss the full support of cache management, adaptive video delivery, and video access control. Rigorous analysis and prototype evaluations demonstrate the security, efficiency, and effectiveness of the design. |
---|---|
AbstractList | In-network content caching has been a natural trend in emerging network architectures to handle the exponential growth of video traffic. However, due to the potentially wide attacking surfaces, caching video content in the increasingly untrusted networked environment inevitably raises new concerns on user privacy exposure and unauthorized video access. Existing encrypted protocols like HTTPs either fall short of fully leveraging in-network caching or require decrypting the traffic in the middle without guaranteeing the end-to-end security. In this paper, we present a new networked system for efficient encrypted video delivery while preserving the benefits of in-network caching. As video chunks are encrypted before distribution, we first design a compact, efficient, yet encrypted video fingerprint index to empower the network with a fully controlled capability of locating the cached encrypted chunks for given encrypted requests. We then explain how to deploy the encrypted design in our proposed architecture and present a secure redundancy elimination protocol to enable fast video delivery via leveraging cached encrypted chunks. We further discuss the full support of cache management, adaptive video delivery, and video access control. Rigorous analysis and prototype evaluations demonstrate the security, efficiency, and effectiveness of the design. |
Author | Xingliang Yuan Cong Wang Jinfan Wang Yilei Chu Shucheng Liu Xinyu Wang Montpetit, Marie-Jose Jianping Wang |
Author_xml | – sequence: 1 surname: Xingliang Yuan fullname: Xingliang Yuan email: xl.y@my.cityu.edu.hk organization: Dept. of Comput. Sci., City Univ. of Hong Kong, Hong Kong, China – sequence: 2 surname: Xinyu Wang fullname: Xinyu Wang email: xy.w@my.cityu.edu.hk organization: Dept. of Comput. Sci., City Univ. of Hong Kong, Hong Kong, China – sequence: 3 surname: Jinfan Wang fullname: Jinfan Wang email: jfwang4@cityu.edu.hk organization: Dept. of Comput. Sci., City Univ. of Hong Kong, Hong Kong, China – sequence: 4 surname: Yilei Chu fullname: Yilei Chu email: ychu1@andrew.cmu.edu organization: Inf. Networking Inst., Carnegie Mellon Univ., Pittsburgh, PA, USA – sequence: 5 surname: Cong Wang fullname: Cong Wang email: congwang@cityu.edu.hk organization: Dept. of Comput. Sci., City Univ. of Hong Kong, Hong Kong, China – sequence: 6 surname: Jianping Wang fullname: Jianping Wang email: jianwang@cityu.edu.hk organization: Dept. of Comput. Sci., City Univ. of Hong Kong, Hong Kong, China – sequence: 7 givenname: Marie-Jose surname: Montpetit fullname: Montpetit, Marie-Jose email: marie@mjmontpetit.com organization: Res. Lab. of Electron., Massachusetts Inst. of Technol., Cambridge, MA, USA – sequence: 8 surname: Shucheng Liu fullname: Shucheng Liu email: liushucheng@huawei.com organization: Huawei Technol. Co., Ltd., Shenzhen, China |
BookMark | eNpdkE1P20AQhleISg2UH1BxWakXLk5ndvbLRxQCpUJUCNqr5azHxNSsw9qmyr_HURCHnubyvK_eeY7EYewiC_EVYY4I-fef9-eLuQK0c2WcI8ADMUNjfAYA_lDMwBFl3qH9LI76_gkAtfZqJu6WsVy1TXyU9xzGxLKMlVzWdRMajoP801TcyQtum1dOW_mwTt34uJbLGNJ2M3Alr2N2y8O_Lv2VizKsp6Iv4lNdtj2fvN9j8fty-bD4kd38urpenN9kgZQdslwDgfclWavqmr3WBqvcWKfB2xUFApfbijVWRKr0rFbBaE9WKfTeMNCxONv3blL3MnI_FM9NH7hty8jd2BfoafrfAdkJ_fYf-tSNKU7rJgqRlPOEE4V7KqSu7xPXxSY1z2XaFgjFTnKxk1zsJBfvkqfM6T7TMPMH77Q3Pjf0Bsh9dvQ |
CODEN | ISACEM |
CitedBy_id | crossref_primary_10_1109_TMM_2017_2733338 crossref_primary_10_1109_JSAC_2020_2971806 crossref_primary_10_1109_TSC_2018_2850333 crossref_primary_10_1109_COMST_2017_2758763 crossref_primary_10_1109_JPROC_2021_3127277 crossref_primary_10_1109_JIOT_2020_3048842 crossref_primary_10_1109_COMST_2023_3265984 crossref_primary_10_1109_MIC_2018_2877809 crossref_primary_10_1109_ACCESS_2019_2950593 crossref_primary_10_1109_TCOMM_2019_2935047 crossref_primary_10_1109_JIOT_2017_2764418 |
Cites_doi | 10.1145/2674005.2675003 10.1109/GLOCOM.2013.6831390 10.1145/2382196.2382298 10.1109/TMM.2013.2238910 10.1109/INFCOM.2012.6195531 10.1145/1594977.1592580 10.1145/2714576.2714628 10.1145/2342488.2342508 10.1109/TNET.2012.2190297 10.1145/2070562.2070563 10.1145/347057.347408 10.3233/JCS-2011-0426 10.1145/2155555.2155570 10.1145/2620728.2620768 10.1016/j.jalgor.2003.12.002 10.1109/MCOM.2012.6231276 10.1145/2342488.2342501 10.1109/ANCS.2013.6665203 10.1145/2674005.2674994 10.1145/2377677.2377680 10.1145/1921233.1921240 10.1145/2656877.2656887 10.1109/SP.2014.12 10.14722/ndss.2014.23264 10.1145/2785956.2787502 10.1145/2491224.2491228 10.1145/1180405.1180418 10.1145/1127345.1127346 |
ContentType | Journal Article |
Copyright | Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2016 |
Copyright_xml | – notice: Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2016 |
DBID | 97E RIA RIE AAYXX CITATION 7SP 8FD L7M F28 FR3 |
DOI | 10.1109/JSAC.2016.2577301 |
DatabaseName | IEEE All-Society Periodicals Package (ASPP) 2005-present IEEE All-Society Periodicals Package (ASPP) 1998-Present IEEE Electronic Library (IEL) CrossRef Electronics & Communications Abstracts Technology Research Database Advanced Technologies Database with Aerospace ANTE: Abstracts in New Technology & Engineering Engineering Research Database |
DatabaseTitle | CrossRef Technology Research Database Advanced Technologies Database with Aerospace Electronics & Communications Abstracts Engineering Research Database ANTE: Abstracts in New Technology & Engineering |
DatabaseTitleList | Technology Research Database Engineering Research Database |
Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
DeliveryMethod | fulltext_linktorsrc |
Discipline | Engineering |
EISSN | 1558-0008 |
EndPage | 2090 |
ExternalDocumentID | 4147270381 10_1109_JSAC_2016_2577301 7485895 |
Genre | orig-research |
GrantInformation_xml | – fundername: National Natural Science Foundation of China–Guangdong Joint Fund grantid: U1501254 funderid: 10.13039/501100001809 – fundername: Microsoft Azure Grant for Research funderid: 10.13039/100004318 – fundername: Research Grants Council of Hong Kong grantid: CityU 138513; 122913 – fundername: Natural Science Foundation of China grantid: 61572412 funderid: 10.13039/501100001809 |
GroupedDBID | -~X .DC 0R~ 29I 3EH 4.4 41~ 5GY 5VS 6IK 97E AAJGR AASAJ AAYOK ABQJQ ABVLG ACGFO ACGFS ACIWK ACNCT ADRHT AENEX AETIX AI. AIBXA AKJIK ALLEH ALMA_UNASSIGNED_HOLDINGS ATWAV BEFXN BFFAM BGNUA BKEBE BPEOZ CS3 DU5 EBS EJD HZ~ H~9 IBMZZ ICLAB IES IFIPE IFJZH IPLJI JAVBF LAI M43 O9- OCL P2P RIA RIE RIG RNS TN5 VH1 XFK AAYXX CITATION 7SP 8FD L7M F28 FR3 |
ID | FETCH-LOGICAL-c326t-9403088a3662ffe84451d95674086b3c30796de41d332a8e2bc54836221885e03 |
IEDL.DBID | RIE |
ISSN | 0733-8716 |
IngestDate | Fri Aug 16 23:26:14 EDT 2024 Thu Oct 10 17:57:37 EDT 2024 Fri Aug 23 02:18:41 EDT 2024 Wed Jun 26 19:28:33 EDT 2024 |
IsPeerReviewed | true |
IsScholarly | true |
Issue | 8 |
Language | English |
LinkModel | DirectLink |
MergedId | FETCHMERGED-LOGICAL-c326t-9403088a3662ffe84451d95674086b3c30796de41d332a8e2bc54836221885e03 |
Notes | ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 content type line 23 |
PQID | 1811327831 |
PQPubID | 85481 |
PageCount | 14 |
ParticipantIDs | proquest_miscellaneous_1835587036 proquest_journals_1811327831 crossref_primary_10_1109_JSAC_2016_2577301 ieee_primary_7485895 |
PublicationCentury | 2000 |
PublicationDate | 2016-08-01 |
PublicationDateYYYYMMDD | 2016-08-01 |
PublicationDate_xml | – month: 08 year: 2016 text: 2016-08-01 day: 01 |
PublicationDecade | 2010 |
PublicationPlace | New York |
PublicationPlace_xml | – name: New York |
PublicationTitle | IEEE journal on selected areas in communications |
PublicationTitleAbbrev | J-SAC |
PublicationYear | 2016 |
Publisher | IEEE The Institute of Electrical and Electronics Engineers, Inc. (IEEE) |
Publisher_xml | – name: IEEE – name: The Institute of Electrical and Electronics Engineers, Inc. (IEEE) |
References | ref13 ref12 ref37 ref36 (ref5) 2012 ref31 ref30 ref33 ref32 ref10 dorwin (ref15) 2015 ref2 wang (ref11) 2013 ref16 ref19 ref18 hughes (ref34) 2014 (ref1) 2015 (ref21) 2014 angius (ref14) 2015 ref24 ref23 ref26 ref25 ref20 ref22 ref28 ref27 ref29 ref8 (ref17) 2014 ref7 ref9 ref4 ref3 burns (ref35) 2011 ref6 |
References_xml | – ident: ref9 doi: 10.1145/2674005.2675003 – ident: ref8 doi: 10.1109/GLOCOM.2013.6831390 – ident: ref19 doi: 10.1145/2382196.2382298 – ident: ref25 doi: 10.1109/TMM.2013.2238910 – ident: ref31 doi: 10.1109/INFCOM.2012.6195531 – ident: ref37 doi: 10.1145/1594977.1592580 – ident: ref26 doi: 10.1145/2714576.2714628 – ident: ref7 doi: 10.1145/2342488.2342508 – year: 2014 ident: ref34 publication-title: ISO/IEC 23001-7 3rd Edition-Common Encryption in ISO Base Media File Format Files contributor: fullname: hughes – ident: ref24 doi: 10.1109/TNET.2012.2190297 – ident: ref30 doi: 10.1145/2070562.2070563 – ident: ref36 doi: 10.1145/347057.347408 – year: 2015 ident: ref1 publication-title: Virtual Networking Index (VNI) – year: 2011 ident: ref35 publication-title: Watch Out Netflix Amazon Instant Video Reaches 100 000 On-Demand Titles contributor: fullname: burns – ident: ref18 doi: 10.3233/JCS-2011-0426 – ident: ref27 doi: 10.1145/2155555.2155570 – ident: ref10 doi: 10.1145/2620728.2620768 – ident: ref28 doi: 10.1016/j.jalgor.2003.12.002 – ident: ref2 doi: 10.1109/MCOM.2012.6231276 – start-page: 687 year: 2013 ident: ref11 article-title: Steal this movie-Automatically bypassing DRM protection in streaming media services publication-title: Proc Usenix Security contributor: fullname: wang – ident: ref6 doi: 10.1145/2342488.2342501 – year: 2012 ident: ref5 publication-title: Cisco ASR 9000 Series Integrated Service Module – ident: ref4 doi: 10.1109/ANCS.2013.6665203 – ident: ref20 doi: 10.1145/2674005.2674994 – ident: ref23 doi: 10.1145/2377677.2377680 – start-page: 267 year: 2015 ident: ref14 article-title: Drop dead data-What to expect securing data instead of channels publication-title: Proc IEEE CCNC contributor: fullname: angius – year: 2015 ident: ref15 publication-title: W3C Editor's Draft-Encrypted Media Extensions contributor: fullname: dorwin – ident: ref3 doi: 10.1145/1921233.1921240 – ident: ref29 doi: 10.1145/2656877.2656887 – ident: ref13 doi: 10.1109/SP.2014.12 – ident: ref32 doi: 10.14722/ndss.2014.23264 – ident: ref16 doi: 10.1145/2785956.2787502 – ident: ref12 doi: 10.1145/2491224.2491228 – ident: ref33 doi: 10.1145/1180405.1180418 – year: 2014 ident: ref17 publication-title: Information Technology-Dynamic Adaptive Streaming Over HTTP (DASH)-Part 1 Media Presentation Description and Segment Formats – year: 2014 ident: ref21 publication-title: Information Technology-High Efficiency Coding and Media Delivery in Heterogeneous Environments-Part 1 MPEG Media Transport (MMT) – ident: ref22 doi: 10.1145/1127345.1127346 |
SSID | ssj0014482 |
Score | 2.3491173 |
Snippet | In-network content caching has been a natural trend in emerging network architectures to handle the exponential growth of video traffic. However, due to the... |
SourceID | proquest crossref ieee |
SourceType | Aggregation Database Publisher |
StartPage | 2077 |
SubjectTerms | Caching Cryptography Design analysis Design engineering encrypted in-network caching Indexes Networks Protocol (computers) Protocols secure redundancy elimination Secure video delivery Security Servers Streaming media Traffic engineering Traffic flow |
Title | Enabling Secure and Efficient Video Delivery Through Encrypted In-Network Caching |
URI | https://ieeexplore.ieee.org/document/7485895 https://www.proquest.com/docview/1811327831 https://search.proquest.com/docview/1835587036 |
Volume | 34 |
hasFullText | 1 |
inHoldings | 1 |
isFullTextHit | |
isPrint | |
link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1LS8QwEB7Ukx58i-uLCJ7ErmnTNulR1hUVFMQH3kqTTkGU7qK7B_31zqTdxdfBW6BJGjKTzHyZyReAA20lahfpIKkKGZBSYGCrjFCKxSJ1VSjRA8Wr6_T8Pr58TB5n4Gh6FwYRffIZdrnoY_nlwI35qOxYxyYxWTILs0ZGzV2tacSAYIaPGGilAgYBbQQzlNnx5e1Jj5O40i7pJ2v0NxvkH1X5tRN783K2BFeTgTVZJc_d8ch23ccPzsb_jnwZFls_U5w0irECM1ivwsIX9sE1uOnzvSkqCn_ojqKoS9H3lBLUmXh4KnEgTvGFMzfexV3zoI_o1-71fUh-qriog-smiVz0mpTMdbg_69_1zoP2hYXAkds2CrKY6WpModI0qio0zFZWEmLSMSEdqxxtAFlaYhyWSkWFwcg6Qjhk88gxMAlKtQFz9aDGTRAhNZcapVOo4swqo8nq2SoKy0oWrkw7cDiZ83zYEGnkHoDILGcB5SygvBVQB9Z4DqcV2-nrwM5ESnm71N5yclEIUWujqNX-9DMtEo58FDUOxlyHWeSZa2zr7563YZ7_32T27cDc6HWMu-RtjOyeV7NPBAzPbg |
link.rule.ids | 315,786,790,802,27955,27956,55107 |
linkProvider | IEEE |
linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3fT9swED517GHjATYKosDAk_aESHHiJE4eUVdUoK00rUW8RbFzkaahFEH7AH89d05aMdgDb5b8Q5bv7LvPd_4M8EMbidoG2ovKXHqkFOiZMiWUYjCPbelLdEBxNI4H0_DyJrppwcnqLQwiuuQz7HLRxfKLmV3wVdmpDpMoSaMP8JHsvNT1a61VzICAhosZaKU8hgFNDNOX6enl77Mep3HFXdJQ1ul_rJD7VuXNWewMzPkmjJZTq_NK_nYXc9O1T69YG9879y-w0Xia4qxWja_QwmoL1l_wD7bhV59fTlFRuGt3FHlViL4jlaDBxPWfAmfiJ95y7sajmNRf-oh-Ze8f78hTFReVN67TyEWvTsrchul5f9IbeM0fC54lx23upSET1iS5iuOgLDFhvrKCMJMOCesYZekISOMCQ79QKsgTDIwljENWj1yDJEKpdmCtmlW4C8Kn7lKjtApVmBqVaLJ7pgz8opS5LeIOHC_XPLurqTQyB0FkmrGAMhZQ1gioA21ew1XDZvk6cLCUUtZstoeMnBTC1DpR1Ov7qpq2Ccc-8gpnC27DPPLMNrb3_5GP4NNgMhpmw4vx1T585rnUeX4HsDa_X-A38j3m5tCp3DMfOtLC |
openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Enabling+Secure+and+Efficient+Video+Delivery+Through+Encrypted+In-Network+Caching&rft.jtitle=IEEE+journal+on+selected+areas+in+communications&rft.au=Yuan%2C+Xingliang&rft.au=Wang%2C+Xinyu&rft.au=Wang%2C+Jinfan&rft.au=Chu%2C+Yilei&rft.date=2016-08-01&rft.issn=0733-8716&rft.volume=34&rft.issue=8&rft.spage=2077&rft.epage=2090&rft_id=info:doi/10.1109%2FJSAC.2016.2577301&rft.externalDBID=NO_FULL_TEXT |
thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0733-8716&client=summon |
thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0733-8716&client=summon |
thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0733-8716&client=summon |